admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:00:49 +00:00
parent 53e18cef4f
commit e507f2841c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 3149 additions and 3149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
1999/0xxx/CVE-1999-0313.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0313",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0313",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames."
"lang": "eng",
"value": "disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.securityfocus.com/bid/213/exploit",
"refsource" : "MISC",
"url" : "http://www.securityfocus.com/bid/213/exploit"
"name": "214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/214"
},
{
"name" : "19980701-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P"
"name": "sgi-disk-bandwidth(1441)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1441"
},
{
"name" : "214",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/214"
"name": "936",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/936"
},
{
"name" : "936",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/936"
"name": "http://www.securityfocus.com/bid/213/exploit",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/213/exploit"
},
{
"name" : "sgi-disk-bandwidth(1441)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1441"
"name": "19980701-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P"
}
]
}

22
1999/0xxx/CVE-1999-0634.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0634",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-1999-0634",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The SSH service is running.\""
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The SSH service is running.\""
}
]
}

68
1999/0xxx/CVE-1999-0770.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0770",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0770",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems."
"lang": "eng",
"value": "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "549",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/549"
"name": "1027",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1027"
},
{
"name" : "1027",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/1027"
"name": "549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/549"
}
]
}

22
2007/0xxx/CVE-2007-0207.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0207",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2007-0207",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
}
]
}

92
2007/0xxx/CVE-2007-0363.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0363",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0363",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424"
"name": "23720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23720"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426"
"name": "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424"
},
{
"name" : "22124",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22124"
"name": "22124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22124"
},
{
"name" : "ADV-2007-0240",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0240"
"name": "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426"
},
{
"name" : "23720",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23720"
"name": "ADV-2007-0240",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0240"
},
{
"name" : "openads-unspecified-xss(31570)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31570"
"name": "openads-unspecified-xss(31570)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31570"
}
]
}

110
2007/1xxx/CVE-2007-1076.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1076",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1076",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1",
"refsource" : "MISC",
"url" : "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1"
"name": "24242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24242"
},
{
"name" : "http://soft.zoneo.net/phpTrafficA/news.php",
"refsource" : "CONFIRM",
"url" : "http://soft.zoneo.net/phpTrafficA/news.php"
"name": "20070222 [true] phpTrafficA-1.4.1 Local File Inclusion",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2007-February/001377.html"
},
{
"name" : "20070222 [true] phpTrafficA-1.4.1 Local File Inclusion",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2007-February/001377.html"
"name": "ADV-2007-0709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0709"
},
{
"name" : "22655",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22655"
"name": "http://soft.zoneo.net/phpTrafficA/news.php",
"refsource": "CONFIRM",
"url": "http://soft.zoneo.net/phpTrafficA/news.php"
},
{
"name" : "ADV-2007-0709",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0709"
"name": "22655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22655"
},
{
"name" : "33373",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33373"
"name": "phptraffica-plotstat-banref-file-include(32628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32628"
},
{
"name" : "33374",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33374"
"name": "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1",
"refsource": "MISC",
"url": "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1"
},
{
"name" : "24242",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24242"
"name": "33373",
"refsource": "OSVDB",
"url": "http://osvdb.org/33373"
},
{
"name" : "phptraffica-plotstat-banref-file-include(32628)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32628"
"name": "33374",
"refsource": "OSVDB",
"url": "http://osvdb.org/33374"
}
]
}

68
2007/1xxx/CVE-2007-1159.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1159",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1159",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in modules/out.php in Pyrophobia 2.1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in modules/out.php in Pyrophobia 2.1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "22667",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22667"
"name": "36879",
"refsource": "OSVDB",
"url": "http://osvdb.org/36879"
},
{
"name" : "36879",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36879"
"name": "22667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22667"
}
]
}

86
2007/1xxx/CVE-2007-1183.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1183",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1183",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors."
"lang": "eng",
"value": "WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250",
"refsource" : "CONFIRM",
"url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250"
"name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250",
"refsource": "CONFIRM",
"url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250"
},
{
"name" : "22563",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22563"
"name": "ADV-2007-0604",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0604"
},
{
"name" : "ADV-2007-0604",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0604"
"name": "33293",
"refsource": "OSVDB",
"url": "http://osvdb.org/33293"
},
{
"name" : "33293",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33293"
"name": "24080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24080"
},
{
"name" : "24080",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24080"
"name": "22563",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22563"
}
]
}

86
2007/1xxx/CVE-2007-1189.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1189",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1189",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions."
"lang": "eng",
"value": "Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3383",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3383"
"name": "22749",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22749"
},
{
"name" : "[dailydave] 20070227 Wow, free kernel zero day?",
"refsource" : "MLIST",
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html"
"name": "3383",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3383"
},
{
"name" : "http://kernelspace.us/itheft.c",
"refsource" : "MISC",
"url" : "http://kernelspace.us/itheft.c"
"name": "http://kernelspace.us/itheft.c",
"refsource": "MISC",
"url": "http://kernelspace.us/itheft.c"
},
{
"name" : "22749",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22749"
"name": "34956",
"refsource": "OSVDB",
"url": "http://osvdb.org/34956"
},
{
"name" : "34956",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34956"
"name": "[dailydave] 20070227 Wow, free kernel zero day?",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html"
}
]
}

74
2007/1xxx/CVE-2007-1811.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1811",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1811",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3625",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3625"
"name": "34470",
"refsource": "OSVDB",
"url": "http://osvdb.org/34470"
},
{
"name" : "34470",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34470"
"name": "3625",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3625"
},
{
"name" : "xoops-tinyevent-index-sql-injection(33359)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33359"
"name": "xoops-tinyevent-index-sql-injection(33359)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33359"
}
]
}

92
2007/5xxx/CVE-2007-5221.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5221",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5221",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the form parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the form parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4481",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4481"
"name": "poppawid-childwindow-file-include(36922)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36922"
},
{
"name" : "25897",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25897"
"name": "ADV-2007-3343",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3343"
},
{
"name" : "ADV-2007-3343",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3343"
"name": "4481",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4481"
},
{
"name" : "37422",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37422"
"name": "37422",
"refsource": "OSVDB",
"url": "http://osvdb.org/37422"
},
{
"name" : "27050",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27050"
"name": "27050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27050"
},
{
"name" : "poppawid-childwindow-file-include(36922)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36922"
"name": "25897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25897"
}
]
}

116
2007/5xxx/CVE-2007-5580.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5580",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2007-5580",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
"lang": "eng",
"value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
"name": "3425",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3425"
},
{
"name" : "http://www.nsfocus.com/english/homepage/research/0702.htm",
"refsource" : "MISC",
"url" : "http://www.nsfocus.com/english/homepage/research/0702.htm"
"name": "27947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27947"
},
{
"name" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618"
"name": "ADV-2007-4103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name" : "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
"name": "1019046",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name" : "26723",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26723"
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name" : "ADV-2007-4103",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4103"
"name": "39521",
"refsource": "OSVDB",
"url": "http://osvdb.org/39521"
},
{
"name" : "39521",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39521"
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"name" : "1019046",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1019046"
"name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618"
},
{
"name" : "27947",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27947"
"name": "26723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26723"
},
{
"name" : "3425",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3425"
"name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
"refsource": "MISC",
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
]
}

74
2007/5xxx/CVE-2007-5941.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5941",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5941",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method."
"lang": "eng",
"value": "Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4613",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4613"
"name": "4613",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4613"
},
{
"name" : "26388",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26388"
"name": "26388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26388"
},
{
"name" : "adobe-shockwave-swctl-bo(38359)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38359"
"name": "adobe-shockwave-swctl-bo(38359)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38359"
}
]
}

80
2015/3xxx/CVE-2015-3317.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource" : "CONFIRM",
"url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name" : "75033",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75033"
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name" : "1032512",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032512"
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name" : "1032513",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032513"
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}

86
2015/3xxx/CVE-2015-3375.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6"
"name": "74276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74276"
},
{
"name" : "https://www.drupal.org/node/2411737",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2411737"
"name": "https://www.drupal.org/node/2411271",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2411271"
},
{
"name" : "https://www.drupal.org/node/2411269",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2411269"
"name": "https://www.drupal.org/node/2411737",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2411737"
},
{
"name" : "https://www.drupal.org/node/2411271",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2411271"
"name": "https://www.drupal.org/node/2411269",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2411269"
},
{
"name" : "74276",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74276"
"name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/6"
}
]
}

22
2015/3xxx/CVE-2015-3581.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3581",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3581",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/3xxx/CVE-2015-3844.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3844",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-3844",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of the Settings application, aka internal bug 21669445."
"lang": "eng",
"value": "The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of the Settings application, aka internal bug 21669445."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)",
"refsource" : "MLIST",
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ"
"name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31"
"name": "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31"
}
]
}

74
2015/4xxx/CVE-2015-4319.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4319",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4319",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338."
"lang": "eng",
"value": "The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150814 Cisco TelePresence Video Communication Server Expressway Access Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40442"
"name": "76366",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76366"
},
{
"name" : "76366",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76366"
"name": "1033323",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033323"
},
{
"name" : "1033323",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033323"
"name": "20150814 Cisco TelePresence Video Communication Server Expressway Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40442"
}
]
}

22
2015/4xxx/CVE-2015-4457.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4457",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4457",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/7xxx/CVE-2015-7881.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7881",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7881",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and \"add unexpected content to a Colorbox\" via unspecified vectors, possibly related to a link in a comment."
"lang": "eng",
"value": "The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and \"add unexpected content to a Colorbox\" via unspecified vectors, possibly related to a link in a comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.drupal.org/node/2582071",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2582071"
"name": "https://www.drupal.org/node/2582071",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2582071"
},
{
"name" : "https://www.drupal.org/node/2578165",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2578165"
"name": "https://www.drupal.org/node/2578165",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2578165"
}
]
}

122
2015/8xxx/CVE-2015-8453.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8453",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-8453",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via JIT data, a different vulnerability than CVE-2015-8409 and CVE-2015-8440."
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via JIT data, a different vulnerability than CVE-2015-8409 and CVE-2015-8440."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-614",
"refsource" : "MISC",
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-614"
"name": "openSUSE-SU-2015:2239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
"name": "78713",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78713"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name": "http://zerodayinitiative.com/advisories/ZDI-15-614",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-614"
},
{
"name" : "GLSA-201601-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201601-03"
"name": "SUSE-SU-2015:2236",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
},
{
"name" : "SUSE-SU-2015:2236",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name" : "SUSE-SU-2015:2247",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
"name": "SUSE-SU-2015:2247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
},
{
"name" : "openSUSE-SU-2015:2239",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
"name": "1034318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034318"
},
{
"name" : "78713",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78713"
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name" : "1034318",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034318"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}

104
2015/8xxx/CVE-2015-8705.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8705",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8705",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option."
"lang": "eng",
"value": "buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.isc.org/article/AA-01336",
"refsource" : "CONFIRM",
"url" : "https://kb.isc.org/article/AA-01336"
"name": "https://kb.isc.org/article/AA-01336",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01336"
},
{
"name" : "https://kb.isc.org/article/AA-01380",
"refsource" : "CONFIRM",
"url" : "https://kb.isc.org/article/AA-01380"
"name": "FEDORA-2016-f3517b9c4c",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
"name": "1034740",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034740"
},
{
"name" : "FEDORA-2016-1ab53bf440",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html"
"name": "81314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81314"
},
{
"name" : "FEDORA-2016-f3517b9c4c",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html"
"name": "GLSA-201610-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-07"
},
{
"name" : "GLSA-201610-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-07"
"name": "https://kb.isc.org/article/AA-01380",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01380"
},
{
"name" : "81314",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/81314"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"name" : "1034740",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034740"
"name": "FEDORA-2016-1ab53bf440",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html"
}
]
}

86
2015/8xxx/CVE-2015-8734.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8734",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8734",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
"lang": "eng",
"value": "The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-52.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-52.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2015-52.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-52.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3"
},
{
"name" : "GLSA-201604-05",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-05"
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name" : "1034551",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034551"
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}

70
2015/9xxx/CVE-2015-9191.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2015-9191",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9191",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, SDX20"
"version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, SDX20"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Untrusted Pointer Dereference in TrustZone"
"lang": "eng",
"value": "Untrusted Pointer Dereference in TrustZone"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

74
2016/0xxx/CVE-2016-0072.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0072",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0072",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0063, and CVE-2016-0067."
"lang": "eng",
"value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0063, and CVE-2016-0067."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-157",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-157"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-157",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-157"
},
{
"name" : "MS16-009",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009"
"name": "1034971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034971"
},
{
"name" : "1034971",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034971"
"name": "MS16-009",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009"
}
]
}

74
2016/1xxx/CVE-2016-1446.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1446",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1446",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200."
"lang": "eng",
"value": "SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160714 Cisco WebEx Meetings Server Administrator Interface SQL Injection Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms"
"name": "91786",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91786"
},
{
"name" : "91786",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91786"
"name": "1036312",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036312"
},
{
"name" : "1036312",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036312"
"name": "20160714 Cisco WebEx Meetings Server Administrator Interface SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms"
}
]
}

128
2016/1xxx/CVE-2016-1636.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1636",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1636",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource."
"lang": "eng",
"value": "The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html"
"name": "openSUSE-SU-2016:0664",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=584155",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=584155"
"name": "openSUSE-SU-2016:0684",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html"
},
{
"name" : "https://codereview.chromium.org/1713093002",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1713093002"
"name": "84008",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84008"
},
{
"name" : "DSA-3507",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3507"
"name": "DSA-3507",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3507"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
"name": "1035185",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035185"
},
{
"name" : "SUSE-SU-2016:0665",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html"
"name": "https://codereview.chromium.org/1713093002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1713093002"
},
{
"name" : "openSUSE-SU-2016:0664",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html"
"name": "openSUSE-SU-2016:0729",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html"
},
{
"name" : "openSUSE-SU-2016:0684",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html"
"name": "SUSE-SU-2016:0665",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html"
},
{
"name" : "openSUSE-SU-2016:0729",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html"
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "USN-2920-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2920-1"
"name": "https://code.google.com/p/chromium/issues/detail?id=584155",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=584155"
},
{
"name" : "84008",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84008"
"name": "USN-2920-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2920-1"
},
{
"name" : "1035185",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035185"
"name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html"
}
]
}

128
2016/1xxx/CVE-2016-1680.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1680",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1680",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors."
"lang": "eng",
"value": "Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"
"name": "90876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90876"
},
{
"name" : "https://codereview.chromium.org/1751883004",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1751883004"
"name": "openSUSE-SU-2016:1496",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
},
{
"name" : "https://crbug.com/589848",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/589848"
"name": "1035981",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035981"
},
{
"name" : "DSA-3590",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3590"
"name": "DSA-3590",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3590"
},
{
"name" : "GLSA-201607-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-07"
"name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"
},
{
"name" : "RHSA-2016:1190",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1190"
"name": "USN-2992-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2992-1"
},
{
"name" : "openSUSE-SU-2016:1430",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"
"name": "openSUSE-SU-2016:1430",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"
},
{
"name" : "openSUSE-SU-2016:1433",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"
"name": "https://crbug.com/589848",
"refsource": "CONFIRM",
"url": "https://crbug.com/589848"
},
{
"name" : "openSUSE-SU-2016:1496",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
"name": "RHSA-2016:1190",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1190"
},
{
"name" : "USN-2992-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2992-1"
"name": "https://codereview.chromium.org/1751883004",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1751883004"
},
{
"name" : "90876",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90876"
"name": "GLSA-201607-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-07"
},
{
"name" : "1035981",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035981"
"name": "openSUSE-SU-2016:1433",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"
}
]
}

22
2016/1xxx/CVE-2016-1890.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1890",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1890",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/5xxx/CVE-2016-5079.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5079",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5079",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

132
2016/5xxx/CVE-2016-5291.json
View File

@ -1,124 +1,124 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2016-5291",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5291",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "45.5"
"version_affected": "<",
"version_value": "45.5"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "45.5"
"version_affected": "<",
"version_value": "45.5"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "50"
"version_affected": "<",
"version_value": "50"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
"vendor_name": "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
"lang": "eng",
"value": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Same-origin policy violation using local HTML file and saved shortcut file"
"lang": "eng",
"value": "Same-origin policy violation using local HTML file and saved shortcut file"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159"
"name": "DSA-3730",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2016/dsa-3730"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-90/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-90/"
"name": "1037298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037298"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-93/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-93/"
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name" : "DSA-3730",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2016/dsa-3730"
"name": "94336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94336"
},
{
"name" : "GLSA-201701-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-15"
"name": "https://www.mozilla.org/security/advisories/mfsa2016-93/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-93/"
},
{
"name" : "RHSA-2016:2780",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2780.html"
"name": "RHSA-2016:2780",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html"
},
{
"name" : "94336",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94336"
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
},
{
"name" : "1037298",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037298"
"name": "https://www.mozilla.org/security/advisories/mfsa2016-90/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-90/"
}
]
}

104
2016/5xxx/CVE-2016-5330.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5330",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5330",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
"lang": "eng",
"value": "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/539131/100/0/threaded"
"name": "1036544",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036544"
},
{
"name" : "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html",
"refsource" : "MISC",
"url" : "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html"
"name": "1036619",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036619"
},
{
"name" : "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload",
"refsource" : "MISC",
"url" : "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload"
"name": "92323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92323"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html"
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html"
},
{
"name" : "92323",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92323"
"name": "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539131/100/0/threaded"
},
{
"name" : "1036544",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036544"
"name": "1036545",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036545"
},
{
"name" : "1036545",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036545"
"name": "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html",
"refsource": "MISC",
"url": "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html"
},
{
"name" : "1036619",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036619"
"name": "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload"
}
]
}

80
2016/5xxx/CVE-2016-5476.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5476",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5476",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
"name": "1036397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036397"
},
{
"name" : "91897",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91897"
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name" : "1036397",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036397"
"name": "91897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91897"
}
]
}

74
2016/5xxx/CVE-2016-5606.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5606",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5606",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name": "1037048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037048"
},
{
"name" : "93725",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93725"
"name": "93725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93725"
},
{
"name" : "1037048",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037048"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}
]
}

104
2018/2xxx/CVE-2018-2403.json
View File

@ -1,88 +1,88 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2403",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2403",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Disclosure Management",
"version" : {
"version_data" : [
"product_name": "SAP Disclosure Management",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "10.1"
"version_affected": "=",
"version_value": "10.1"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
"vendor_name": "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to."
"lang": "eng",
"value": "Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2595800",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2595800"
"name": "https://launchpad.support.sap.com/#/notes/2595800",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2595800"
},
{
"name" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/",
"refsource" : "CONFIRM",
"url" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/"
"name": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/"
},
{
"name" : "103727",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103727"
"name": "103727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103727"
}
]
}

114
2018/2xxx/CVE-2018-2941.json
View File

@ -1,105 +1,105 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2941",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2941",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Java",
"version" : {
"version_data" : [
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "Java SE: 7u181"
"version_affected": "=",
"version_value": "Java SE: 7u181"
},
{
"version_affected" : "=",
"version_value" : "8u172"
"version_affected": "=",
"version_value": "8u172"
},
{
"version_affected" : "=",
"version_value" : "10.0.1"
"version_affected": "=",
"version_value": "10.0.1"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE."
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name": "RHSA-2018:2254",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180726-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180726-0001/"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "RHSA-2018:2253",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2253"
"name": "https://security.netapp.com/advisory/ntap-20180726-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"name" : "RHSA-2018:2254",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2254"
"name": "RHSA-2018:2255",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"name" : "RHSA-2018:2255",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2255"
"name": "104775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104775"
},
{
"name" : "RHSA-2018:2256",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2256"
"name": "RHSA-2018:2256",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"name" : "104775",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104775"
"name": "RHSA-2018:2253",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"name" : "1041302",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041302"
"name": "1041302",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041302"
}
]
}

22
2019/0xxx/CVE-2019-0084.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0084",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0084",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/0xxx/CVE-2019-0239.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0239",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0239",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

108
2019/0xxx/CVE-2019-0605.json
View File

@ -1,124 +1,124 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0605",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0605",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Edge",
"version" : {
"version_data" : [
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value" : "Windows 10 for 32-bit Systems"
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value" : "Windows 10 for x64-based Systems"
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value" : "Windows Server 2016"
"version_value": "Windows Server 2016"
},
{
"version_value" : "Windows 10 Version 1607 for 32-bit Systems"
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1607 for x64-based Systems"
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1703 for 32-bit Systems"
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1703 for x64-based Systems"
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1709 for 32-bit Systems"
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1709 for x64-based Systems"
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1803 for 32-bit Systems"
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1803 for x64-based Systems"
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value" : "Windows 10 Version 1809 for 32-bit Systems"
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value" : "Windows 10 Version 1809 for x64-based Systems"
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value" : "Windows Server 2019"
"version_value": "Windows Server 2019"
},
{
"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name" : "ChakraCore",
"version" : {
"version_data" : [
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value" : ""
"version_value": ""
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605"
},
{
"name" : "106905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106905"
"name": "106905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106905"
}
]
}

22
2019/0xxx/CVE-2019-0763.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0763",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0763",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/0xxx/CVE-2019-0970.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0970",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0970",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1205.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1205",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1205",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1240.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1240",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1240",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1366.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1366",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1366",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1544.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1544",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1544",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4131.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4131",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4131",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4148.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4148",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4148",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4286.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4286",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4286",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4355.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4355",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4355",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5043.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5043",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5043",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5391.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5391",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5391",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5421.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5421",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5421",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5622.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5622",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5622",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9001.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9001",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9001",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/9xxx/CVE-2019-9192.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9192",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9192",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern."
"lang": "eng",
"value": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24269",
"refsource" : "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
}
]
}

62
2019/9xxx/CVE-2019-9725.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9725",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9725",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting."
"lang": "eng",
"value": "The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634",
"refsource" : "MISC",
"url" : "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634"
"name": "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634",
"refsource": "MISC",
"url": "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634"
}
]
}